Introducing the Kubernetes kubelet in CoreOS Linux

This week we have added the kubelet, a central building block of Kubernetes, in the alpha channel for CoreOS Linux. The kubelet is responsible for maintaining a set of pods, which are composed of one or more containers, on a local system. Within a Kubernetes cluster, the kubelet functions as a local agent that watches for pod specs via the Kubernetes API server. The kubelet is also responsible for registering a node with a Kubernetes cluster, sending events and pod status, and reporting resource utilization.

While the kubelet plays an important role in a Kubernetes cluster, it also works well in standalone mode — outside of a Kubernetes cluster. The rest of this post will highlight some of the useful things you can do with the kubelet running in standalone mode such as running a single node Kubernetes cluster and monitoring container resource utilization with the built-in support for cAdvisor.

First we need to get the kubelet up and running. Be sure to follow this tutorial using CoreOS Linux 773.1.0 or greater.

Configuring the Kubelet with systemd

CoreOS Linux ships with reasonable defaults for the kubelet, which have been optimized for security and ease of use. However, we are going to loosen the security restrictions in order to enable support for privileged containers. This is required to run the proxy component in a single node Kubernetes cluster, which needs access to manipulate iptables to facilitate the Kubernetes service discovery model.

Start the kubelet service

With the systemd unit file in place start the kubelet using the systemctl command:

sudo systemctl daemon-reload sudo systemctl start kubelet

To ensure the kubelet restarts after a reboot be sure to enable the service:

sudo systemctl enable kubelet

At this point you should have a running kubelet service. You can verify this using the systemctl status command:

sudo systemctl status kubelet

Bootstrapping a single node Kubernetes cluster

The kubelet provides a convenient interface for managing containers on a local system. The kubelet supports a manifest directory, which is monitored for pod manifest every 20 seconds by default. This directory /etc/kubernetes/manifests was configured earlier via the --config flag in the kubelet systemd unit.

Pod manifests are written in the JSON or YAML file formats and describe a set of volumes and one or more containers. We can deploy a single node Kubernetes cluster using a pod manifest placed in the manifest directory.

Monitoring Containers with cAdvisor

The kubelet ships with built-in support for cAdvisor, which collects, aggregates, processes and exports information about running containers on a given system. cAdvisor includes a built-in web interface available on port 4194.

The cadvisor web interface.

The cAdvisor web UI provides a convenient way to view system wide resource utilization and process listings.

System utilization information.

cAdvisor can also be used to monitor a specific container such as the kube-apiserver running in the Kubernetes pod:

More with CoreOS and Kubernetes

Adding the kubelet to the CoreOS Linux image demonstrates our commitment to Kubernetes and bringing the best of open source container technology to our users. With native support for the Kubernetes kubelet we hope to streamline Kubernetes deployments, and provide a robust interface for managing and monitoring containers on a CoreOS system.

If you’re interested in learning more about Kubernetes, be sure to attend one of our upcoming trainings on Kubernetes in your area. More dates will be added so keep checking back. If you want to request private on-site training, contact us.